Another day, another security flaw -- this one affecting Mozilla's Web browser, Firefox. But this one is easy enough for you to fix.

On Thursday, Mozilla revealed a vulnerability in its browser that was discovered by a Firefox user. An ad on an unnamed news site in Russia was able to tap into the vulnerability to upload certain files from a user's computer to a server apparently based in the Ukraine. Exploiting Firefox's PDF Viewer and its use of the widespread JavaScript code, the hack seems to capture only "developer focused" files -- think FTP (file transfer protocol) -- at least in Windows. Your personal files and data aren't caught in the attack, but the hack is still alarming.

The targetting of developers is scary. I can imagine some attackers being able to do a worm-like cascade of attacks by stealing and then exploiting developer logins and get the malware on more sites. If a developers computer gets infected that means that any code on their computer could also be infected.

I had Firefox set to notify on updates (not autoinstall) on one computer and the update notification popup is really a bit too low key for serious cases like this. Maybe shift to big red flashing letters?